package upcweb.web;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;

import upcweb.modelo.ClsAcceso;
import upcweb.negocio.BsAccesos;
import upcweb.util.ClsReturn;

@Controller
public class SecurityController {

	
	@RequestMapping(value = "/verPaginas", method = RequestMethod.POST)
	protected ModelAndView verPaginas(HttpServletRequest request,
			HttpServletResponse response){	
		//System.out.println("pagina nueva");
		BsAccesos ba = new BsAccesos();
		ModelAndView mv = new ModelAndView("admin/mvMantObjetos");		
		//if (request.getParameter("search")==null){
			mv.addObject("datos",ba.getPaginas());			
		//}		
		return mv;
	}
	
	@RequestMapping(value = "/opUserRoles", method = RequestMethod.POST)
	protected ModelAndView opUsrRoles(HttpServletRequest request,
			HttpServletResponse response){	
		//System.out.println("pagina nueva");
		BsAccesos ba = new BsAccesos();				
		ClsAcceso clsRol = new ClsAcceso();
		ModelAndView mv = new ModelAndView("admin/mvManrRoles");		
		
		ClsReturn ret = new ClsReturn();
		String rol  ="";
		String sview="";
		String oper ="";
		String usr = "";
		
		if(request.getParameter("new_usr")!=null){
			rol = request.getParameter("rol");
			usr = request.getParameter("new_usr");
			ret = ba.addUsrRol(new ClsAcceso(rol, usr));
			ret.setOkMessage("Se ha adicionado el Usuario al Rol");
			sview = rol;
		}
		else if (request.getParameter("del_usr")!=null){
			rol = request.getParameter("rol");
			usr = request.getParameter("del_usr");
			ret = ba.delUsrRol(new ClsAcceso(rol,usr));
			ret.setOkMessage("Se ha quitado el Usuario del Rol");
			sview = rol ;
		}
		
		if (request.getParameter("view")!=null){
			sview = request.getParameter("view");			
		}
		if (!sview.isEmpty()){
		clsRol.setCo_Rol(sview);
		mv.addObject("users",ba.getUsuariosRol(clsRol));
		mv.addObject("paginas",ba.getPaginasRol(clsRol));
		}
		
		mv.addObject("return",ret);			
		mv.addObject("all_paginas",ba.getPaginas());
		mv.addObject("rol",sview);
		mv.addObject("roles",ba.getRoles());		
		return mv;
	}
	
	@RequestMapping(value = "/verRoles", method = RequestMethod.POST)
	protected ModelAndView verRoles(HttpServletRequest request,
			HttpServletResponse response){	
		//System.out.println("pagina nueva");
		BsAccesos ba = new BsAccesos();				
		ClsAcceso clsRol = new ClsAcceso();
		ModelAndView mv = new ModelAndView("admin/mvManrRoles");		
		
		ClsReturn ret = new ClsReturn();
		String rol  ="";
		
		String oper ="";
		if ( request.getParameter("oper")!=null){
		oper = request.getParameter("oper");
		}
		int obj = 0, acc=0;
		String crol ="";
		String sview="";
		
		if (request.getParameter("new_rol")!=null){
			crol = request.getParameter("new_rol");
			ret = ba.addRol(new ClsAcceso(crol));
			sview = crol;
			ret.setOkMessage("Se creado el ROL satisfactoriamente.");
		}		
		else if(request.getParameter("del_rol")!=null){
			crol = request.getParameter("del_rol");
			ret = ba.delRol(new ClsAcceso(crol));
			sview = crol;
			ret.setOkMessage("Se creado quitado el ROL satisfactoriamente.");
		}
		else if (oper.equalsIgnoreCase("addp")){
			acc = Integer.parseInt(request.getParameter("acceso"));
			crol = request.getParameter("rol");
			obj =  Integer.parseInt(request.getParameter("objeto"));
			ret = ba.addPageRol(new ClsAcceso(crol,obj,acc));
			sview = crol;
			ret.setOkMessage("Pagina Web adicionada al ROL");
		}
		else if (oper.equalsIgnoreCase("delp")){
			crol = request.getParameter("rol");
			obj =  Integer.parseInt(request.getParameter("objeto"));
			ret = ba.delPageRol(new ClsAcceso(crol,obj,0));
			sview = crol;
			ret.setOkMessage("Pagina Web removida del ROL");
		}
		
		if (request.getParameter("view")!=null){
			sview = request.getParameter("view");			
		}
		if (!sview.isEmpty()){
		clsRol.setCo_Rol(sview);
		mv.addObject("users",ba.getUsuariosRol(clsRol));
		mv.addObject("paginas",ba.getPaginasRol(clsRol));
		}
		
		mv.addObject("return",ret);			
		mv.addObject("all_paginas",ba.getPaginas());
		mv.addObject("rol",sview);
		mv.addObject("roles",ba.getRoles());		
		//if (request.getParameter("search")==null){
		//mv.addObject("datos",ba.getPaginas());			
		//}		
		return mv;
	}
	
	@RequestMapping(value = "/opPaginas", method = RequestMethod.POST)
	protected ModelAndView opPaginas(HttpServletRequest request,
			HttpServletResponse response){	
		//System.out.println("pagina nueva");
		BsAccesos ba = new BsAccesos();
		ClsReturn ret = new ClsReturn();
		ModelAndView mv = new ModelAndView("admin/mvMantObjetos");
		String operacion = "";
		String nom = "", url = "", des = "";
		int id = 0 , acceso = 0;
		if (request.getParameter("operacion")!=null){
			operacion = request.getParameter("operacion");
			if (operacion.equalsIgnoreCase("add")){
			nom = request.getParameter("name");
			url = request.getParameter("url");
			des = request.getParameter("descrip");
			acceso = Integer.parseInt(request.getParameter("acceso"));
			ret = ba.addPagina(new ClsAcceso(nom,url,des,acceso));
			}
			else if (operacion.equalsIgnoreCase("del")){
				id = Integer.parseInt(request.getParameter("id"));
				ret  = ba.delPagina(new ClsAcceso(id));
			}
		}				
		
		mv.addObject("datos",ba.getPaginas());			
		mv.addObject("operacion",operacion);
		mv.addObject("return", ret);
		return mv;
	}
	
}
